Creating the template fragment Generating the module schema Publishing requirements

Module structure and requirements

A module consists of two main pieces:

A template fragment, which defines the resources and associated information you want to provision through use of the module, including any module parameters you define.
A module schema that you generate based on the template fragment. The module schema declares the contract you defined in the template fragment, and is viewable to users in the CloudFormation registry.

Creating the module template fragment

The starting point for developing a module is the template fragment. The template fragment is a file that contains the information that defines the resources for CloudFormation to provision during stack operations, including:

A Resources section that defines the resources to be provisioned.

The Resources section is required.
Additional other template sections related for the provisioning of the resources as necessary, such as Outputs and Conditions.
A Parameters section for any optional module-level parameters you want to define.

Much like template parameters, module parameters enable the user to input custom values to a module from the template (or module) that contains it. The module can then use these values to set properties of the resources it contains.

Currently, CloudFormation supports template fragments written in JSON or YAML.

For example, the following template fragment creates an S3 bucket resource, and sets the AccessControl property to Private and the resource DeletionPolicy to Retain. In addition, the template fragment defines a module-level parameter, VersioningConfigurationParam, whose values is used to set the VersioningConfiguration status of the S3 bucket.


{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "A sample S3 Bucket module (AWS::SampleS3::Bucket::MODULE)",
    "Parameters": {
        "VersioningConfigurationParam": {
            "Description": "Versioning configuration",
            "Type": "String"
        }
    },
    "Resources": {
        "S3BucketName": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "AccessControl": "Private",
                "VersioningConfiguration": {
                    "Status": {
                        "Ref": "VersioningConfigurationParam"
                    }
                }
            },
            "DeletionPolicy": "Retain"
        }
    }
}

You can author template fragments manually, or use any tool that generates CloudFormation templates. For example, you can use the AWS Cloud Development Kit (AWS CDK) to synthesize one or more AWS CDK constructs to produce a CloudFormation template, and then use that template as the basis for a module. For more information about the CDK, see the AWS Cloud Development Kit (AWS CDK).

Note

Be aware that regardless of the method you use to create a module's template fragment, it must adhere to the restrictions on what can be included in a template fragment for a module.

Considerations when authoring the template fragment

Keep in mind the following considerations when developing modules:

Modules are, by design, predictable, and transparent. Because of this, you can't include features which can potentially result in external information or resources being imported into the module. These features include:
- Importing stack values, using Fn::ImportValue intrinsic function.
- Exporting stack values, using the Export field in the Outputs template section. (Use of the Outputs section is supported.)
- Macros, including use of the Transform template section or the Fn::Transform function.
  
  This includes transforms provided by CloudFormation, such as AWS::Include and AWS::Serverless.
- Nested stacks, which are represented in the template by the AWS::CloudFormation::Stack resource.
- Stack sets, which are represented in the template by the AWS::CloudFormation::StackSet resource.
Tags can't be specified at the module level. However:
- You can assign tags to individual resources within the module, as you would assign tags to any resource.
- You can use module parameters to set tag values.
  
  Create the module parameter, and then have the tag you've assigned to individual resources within the module reference that module parameter. For more information, see Using parameters to specify module values in the CloudFormation User Guide.
- Tags you specify at the stack level are assigned to the individual resources derived from the module.
Helper scripts specified at the module level don't propagate to the individual resources contained in the module when CloudFormation processes the template.
Outputs specified in the module are propagated to outputs at the template level.

Each output will be assigned a logical ID that's a concatenation of the module logical name and the output name as defined in the module. For more information about outputs, see Outputs in the CloudFormation User Guide.
Parameters specified in the module Aren't propagated to parameters at the template level.

However, you can create template-level parameters that reference module-level parameters. For more information, see Using parameters to specify module values in the CloudFormation User Guide.

Nesting modules

Modules can contain other modules. You can nest modules up to three levels deep. To include a module in your module, reference it in the Resources section of your template fragment, as you would any other resource. For an example, see Specifying properties on resources in a child module from the parent module in the CloudFormation User Guide.

Macros and modules

CloudFormation doesn't support inclusion of modules in macros. A module can't contain a macro.

For more information on macros, see Using macros to perform custom processing in the CloudFormation User Guide.

Defining parameters in a module

Much like template parameters, module parameters enable the user to input custom values to a module from the template (or module) that contains it. The module can then use these values to set properties of the resources it contains.

You define a module parameter as you would a template parameter. For detailed information about parameter requirements and definition, see Parameters in the CloudFormation User Guide.

Dynamic references aren't resolved when the module is processed by CloudFormation, but when the individual resources are created or updated during stack operations.

Module parameters don't count toward the parameter maximum for template parameters. For information on template parameters and their limits, see Parameters in the CloudFormation User Guide.

Parameters specified in the module are not propagated to parameters at the template level. However, you can create template-level parameters that reference module-level parameters.

For information on how users can specify parameter values in modules, see Using parameters to specify module values in the CloudFormation User Guide.

Specifying constraints for module parameters

Module parameters don't support Constraint enforcement. To perform constraint checking on a module parameter, create a template parameter with the desired constraints, then reference that template parameter in your module parameter.

Specifying policies on resources contained in a module

If you specify the following resource policy attributes at the module level, CloudFormation applies the policy attribute to all resources contained in the module:

DeletionPolicy
UpdateReplacePolicy

This doesn't include specifying the Snapshot option for UpdateReplacePolicy. Specify this option on the resource directly.

Policy attributes specified at a resource level override any specified at the module level.

You can't specify the following resource policy attributes at the module level:

CreationPolicy
UpdatePolicy

If you use a DependsOn attribute to specify that a resource in your template depends on a module, CloudFormation will finish provisioning all resources in the module before provisioning the dependent resource.

For more information on resource policies, see Resource attribute reference in the CloudFormation User Guide.

Generating the module schema

The module schema is generated from the template fragment, and defines the contract to which the module adheres, including defining the input it accepts and the possible resources it resolves to when included in a template.

To generate the module schema, use the validate command once you've authored your template fragment.

For example, suppose you created a module package and used the template fragment above. The validate command would result in the following module schema:


{
  "typeName": "AWS::SampleS3::Bucket::MODULE",
  "properties": {
    "VersioningConfigurationParam": {
      "description": "Version Configuration",
      "type": "string"
    }
  },
  "resources": {
    "type": "object",
    "properties": {
      "S3Bucket": {
        "$ref": "aws-s3-bucket.json"
      }
    },
    "additionalProperties": false
  }
}

For more information, see Develop a module.

Model requirements for publishing a public module

If you want to make your module publicly available to all CloudFormation users, you can publish it to the CloudFormation registry. In order to publish your module, it must meet the following model requirements. Before publishing, use TestType to confirm your module meets these requirements.

For more information on publishing public extensions, see Publishing extensions to make them available for public use.

Public modules can contain other public modules as child modules, to a level of three deep.
Public modules can't include circular dependencies on child modules, or vice versa.
Custom resources aren't supported in public modules.
Only public resources are supported in public modules. The public resources can be published by Amazon or third-parties.
Any third-party public resources included in the module must include the necessary publisher information, as detailed in Specifying publisher metadata for public third-party resources.
The supported major versions listed in the module for a resource type must be subset of the supported major versions specified for the resource type in any child modules.

Specifying publisher metadata for public third-party resources

For any third-party public resources you include in your public module, you must specify additional publisher information. This enables CloudFormation to determine the resource type specified, and which versions of that resource the module supports. Specify the following properties in a Metadata element in your resource definition:

PublisherId

The publisher ID of the resource type publisher.
RegionalPublisherId

An array listing the regions in which the publisher is registered, with the publisher ID in each region.
OrignalTypeName

The original type name of the resource type, as specified by the publisher.
SupportMajorVersions

An array listing the major versions of the resource this module supports.

For example, the following module snippet adds a resource to the module. The module uses a type alias, Module::DDB::Table, for the resource type, but also includes the original type name, Mongodb::DDB::Table, so that CloudFormation can determine if the resource type is enabled in the user's account. The snippet also includes publisher ID information, in case multiple publishers have published public resource types of the same name, in addition to which major versions of the resource type that the module supports.


Resources:
  SampleDDB:
    Type: Module::DDB::Table
    Properties:
       TableName: xx
       IndexName: xxx
    Metadata:
      PublisherId: dfdxfdfwed
      RegionalPublisherId:
        us-east-1: c34ntbnrb1
        us-west-2: eer332gfdf
      OrignalTypeName:
         Mongodb::DDB::Table
      SupportMajorVersions: [1, 2, 3]
    .....

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Developing modules

Develop a module